[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Safe Key Generation
At 10:08 AM -0700 7/1/97, Bob Jueneman wrote:
>How many user key pairs do you know of that were generated on TCSEC-rated A1
>systems using FIPS 140-1 rated level 4 cryptographic implementations? None,
>you say? OK, how many key pairs do you know of that were at least generated
>on a C2 rated system, using a FIPS 140-1 level 1 rated crypto? Again,
>virtually none, you say?
I am not sure I consider the rating of the system as important as its
history. For example, if you generate a key on a Mac/Windows system which
has been freshly installed from manufacturer's CDROM on a freshly
initialized hard disk, I would feel much safer than with a C2 system (no
Trojan horse protection) which had been running connected to the global
internet for 6 months.
-------------------------------------------------------------------------
Bill Frantz | The Internet was designed | Periwinkle -- Consulting
(408)356-8506 | to protect the free world | 16345 Englewood Ave.
frantz@netcom.com | from hostile governments. | Los Gatos, CA 95032, USA